Supporting GDPR in your system

Before you begin – About versions

Are you using version Q1 2018 or later? This version includes the GDPR administration tool in PeopleStage™, anything earlier than this version can be managed using SQL scripts.

See Appendix A: GDPR SQL scripts

If you’re not using Cascade, PeopleStage or the Response database, there’s no need to do anything within the Apteco software.

Apteco and integrations

Apteco software has built-in functions to remove personal data. These functions do not apply to the copies of data uploaded to the downstream channels such as:

  • Email broadcasting

  • SMS messaging

  • WhatsApp

  • Social media platforms

  • CRM systems

  • Mobile push notifications

  • Customer review platforms

  • Programming languages

In each case, functions offered by the channel provider will need to be used to remove personal data from the channel systems.

Support a data subject's right to be forgotten

Article 17 Right to erasure - The upstream systems are responsible for the management of personal data and whether to include it in the data processed by FastStats. If a data subject asks you to remove their information and the data is removed from these source systems, that person is effectively removed from FastStats the next time the FastStats system reloads (typically daily).

GDPR administration tool

However, there is some information that Apteco software creates which is attached to an identifiable person. This information includes, for example, the campaigning activity in PeopleStage and the responses gathered from email broadcasters, which is personal data. The new functions in the GDPR Administration feature in PeopleStage allow you to manage this data.

The new functions enable you to count, anonymise or remove all instances of personal data related to a specified individual where PeopleStage or the Response databases hold the master copy.

You first need to add the GDPR Administration role to a user.

  1. Right-click on a user node in FastStats select Modify > Modify Roles.

  2. Select the PeopleStage GDPR Administrator check box.

The GDPR Administration Tool is available from the PeopleStage Administration menu.

The GDPR Administration dialogue in PeopleStage provides strong data subject removal functions. You may choose to anonymise the data in place or remove all data.

Note: The following table shows a summary of the functions. For a full description on how to use the tool see the following GDPR Administration Tool knowledgebase article: Peoplestage GDPR Administration Tool.

A - Items

  • The number of records associated with the URN.

B - Instances

  • For example, one email record may have 40 messages.

Item Label How It Is Used
1 Urn Urn Enter the Unique Reference Number (URN) for the Data Subject
2 State history and pools

This is the data that tracks where an individual has passed through a campaign and what point they are now at within that campaign if they are retained in a pool.

Select this check box to replace the information with blanks (Anonymise), or delete (Remove) all the data for the selected URN
3 Communications and content The instances of data in the PeopleStage communication history. PeopleStage stores a record for each communication with an individual and the content variations used in that communication. PeopleStage can also store and/or output attribute values with the communication. For example, you could store the total spend made by a customer prior to your communication.
4 Live Data

The data retained by PeopleStage as a result of processing live data from external sources. When selected the internal copy of this data used for processing the data subject is removed.

Note: It does not count or cleanse data from the external live data sources.
5 Email Enter the relevant email address.
6 Email responses Select this check box if you wish to anonymise\remove data from the Email response database for the selected URN.
7 First name

Enter the Facebook first name.

The data subject can only be identified in the Facebook response database by the combination of first name and last name.
8 Last name Enter the Facebook last name.
9 Facebook Select this check box if you wish to anonymise\remove data from the Facebook database for the selected URN.
10 Full name

Enter the Twitter Full Name.

The data subject can be identified in the Twitter response database by a Full name or Twitter handle.
11 Twitter username

Enter the Twitter username.

The Twitter GDPR Admin function will use either or both identifiers.
12 Twitter Select this check box if you wish to anonymise\remove data from the Twitter database.
13 Count Click this button to perform a count of the selected items.
14 Process Click this button to anonymise\remove the selected data.
15 Anonymise or Remove

Select from the following two options from the drop-down menu:

  • Anonymise records by replacing the personally identifiable information with blanks

  • Remove all records from the database, including the reference numbers

GDPR SQL scripts

If you are running a version earlier than Q1 2018, you must use the following SQL scripts:

They are essentially in pairs, one to provide a count and the other to execute the script.

  • Cascade Remove Count: Retrieves a distinct and non-distinct count of communications records to remove for a given URN in the Cascade database.

  • Cascade Remove Execute: Removes communications for a given record in the Cascade database.

  • Facebook Anonymise Count: Retrieves a distinct and non-distinct count of Facebook users and Attributes to anonymise for a given firstname/lastname combination in the Facebook Responses database.

  • Facebook Anonymise Execute: Anonymises and deletes data for a given firstname/lastname combination from the Facebook Response database.

  • PeopleStage Remove Count: Retrieves distinct and non-distinct counts of records that would be removed for a given URN and Email Address from the Communications, CommunicationsTrackingHistory, EmailResponse, EmailResponseDetails & LiveData tables.

  • PeopleStage Remove Execute: Removes data! For a given URN and Email Address combination.

  • Twitter Anonymise Count: Retrieves distinct and non-distinct counts of records that would be anonymised for a given twitter FullName and TwitterUsername from the user table of the Twitter response database.

  • Twitter Anonymise Execute: Removes data and records from the Twitter response database.

  • Twitter Remove Count: Retrieves distinct and non-distinct counts of records that would be removed for a given twitter FullName and TwitterUsername from the user table of the Twitter response database.

  • Twitter Remove Execute: Removes records from the Twitter response database.

See Appendix A: GDPR SQL scripts for more information on how to use these scripts.

Support a data subject's right to access

Article 15 Right to access- Any data subject can, at any time, request that you provide them in a common, easily understood format, all the personal data that you have about them. The information which you must supply in connection with a data subject access request can include:

  • Confirmation that you are processing their data.

  • What information you hold on the data subject and how you’re using it.

  • Other supplementary information (mostly the information provided in your privacy notice).

Data grids

Data grids in Apteco FastStats provides a means to help search for and identify personal data that's being currently held.

  1. Limit the selection to the URN.

  2. Add all the variables to a data grid.

  3. Click the Browse page view icon.

Why was I selected? function

The Why was I selected function can be used to determine why a certain type of person was selected.

Why was I selected in a campaign?

  1. Right-click on a record in the data grid to see the Why was I selected? menu option.

    In the example below, the conditions marked in green are True whereas the conditions marked in red are False for the selected person.

Note: See the Data Grid: Enhanced Why Was I Selected knowledgebase article for more information.

Support a data subject's right to portability

Article 20 - Right to portability

There are no clear guidelines on how to perform this and may not even be possible to transfer to another organisation due to the specificity of the data.

Copies can be sent to the data subject using a data grid (see above) and exporting a CSV file using a zipped password protected export from FastStats.

Data transfer to another organisation could utilize the same process or by arranging an alternate secure method of data transfer.